On Thu, 2006-08-24 at 10:23 -0500, Serge E. Hallyn wrote:
> Or will the page associated with the tty already have the data, and this
> really just needs to be fixed in the tty itself?

It is a matter of the timing and the device. You need to do revocation at the device level because your security state change must occur after the devices have all been dealt with. This is why I said you need the core of revoke() to do this.

Patches like the one below are really trying to wallpaper over the cracks in an implementation that doesn't work. The moment you replace that part of the implementation with a proper revocation method that waits for resources to be safe then it all works.

The security model is fine, the implementation is hitting the same revocation feature wall as others.

> permission from a vma_area_struct. This can be used, for example,
> by security modules wishing to revoke write permissions to a process
> whose clearance has changed.

What about drivers that use get_user_pages() - they have a locked kernel mapping to the object but may not yet have accessed the data.

Plus the idea of a security indirect call every time we make a page writable does not make me happy when considering performance. Not one iota.